Are there any parameters in CALDAP Server slapd.conf configuration file that will force a connection to be SSL only?
Release : 16.0
Component : CA LDAP Server for z/OS
The security <factors> parameter will accomplish this.
Specifies the security level that is required for the various access methods
to all CA LDAP data from both secure and non-secure CA LDAP ports.
Before configuring this setting, you must configure CA LDAP for encryption.
For more information, see Set Up Certificate Logon.
Default: No factors applied.
Format: security tls=x and update_tls=x
To secure access to all CA LDAP operations, you must configure both
tls and update_tls.
tls controls security access for logon and search operations.
update_tls controls security access to update operations.
For tls=x, x specifies the TLS security strength factor that is
required for performing logon and search operations.
For update_tls=x, x specifies the TLS security strength factor
that is required for performing update operations.
A value of 0 means TLS security is not required.
A value of 1 or greater means some level of TLS security is
required to perform the specified operation.
The value corresponds to the TLS encryption key length.
The higher the value, the stronger the required encryption.
In this example, security is required for applications to
perform any CA LDAP operations, but any encryption level can be used:
security tls=1 update_tls=1
In this example, security is required for applications to perform
logon and search operations with any encryption level, but update
operations require an encryption level of 256 or higher:
security tls=1 update_tls=256
In this example, security with an encryption level of 256 or higher is required for applications to perform all operations:
security tls=256 update_tls=256